We know that in the OpenShift container platform, POD has its own IP address, but it can only be available inside the cluster. What if I want to access MySQL in the container over the network from another physical machine?

I thought of the Router, but the Router only supports forwarding the HTTP protocol, so we’ll use TCP. So, here comes Nodeport!

Through NodePort

This method is suitable for long-term use and is provided externally

So let’s look at the names that have DC

➜ oc get dc NAME REVISION DESIRED CURRENT TRIGGERED BY hello-microservice 1 1 config,image(hello-microservice:latest) mysql-57-centos7 11 1 1 config,image(mysql-57-centos7:latest) nodejs-ex 1 1 1 config,image(nodejs-ex:latest)

Mysql-57-centos7 is what we need

The exposure specifies DC, the exposure type is LoadBalancer, and the name of the exposure is

oc expose dc mysql-57-centos7 --type=LoadBalancer --name=mysql-ingress

export

➜ OC export SVC mysql-ingress apiVersion: v1 kind: Service metadata: creationTimestamp: null Labels: app: OCT export SVC mysql-ingress apiVersion: v1 kind: Service metadata: creationTimestamp: null Labels: app: Mysql-57-centos7 name: mysql-ingress spec: DeprecatedPublicips: -172.29.208.121 externalps: -172.29.208.121 ports: - nodePort: 32621 port: 3306 protocol: TCP targetPort: 3306 selector: app: mysql-57-centos7 deploymentconfig: mysql-57-centos7 sessionAffinity: None type: LoadBalancer status: loadBalancer: {}

In the export configuration, we see that spec.ports. Nodeport is 32621, which is the destination port for external access to MySQL.

Log on to MySQL to test connectivity

➜ mysql --user=data --password=data --host=$(minishift IP) --port=32621 mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 13 Server version: MySQL Community Server (GPL) Copyright (C) 2000, 2017, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help; ' or '\h' for help. Type '\c' to clear the current input statement. mysql>

OK, that looks fine.

Note: Be sure to assign appropriate login permissions. ERROR 1045 (28000): Access denied for user ‘data’@’172.17.0.1’ (using password: NO)

Therefore, we need to assign permissions to the IP address of the login client:

CREATE USER 'data'@'172.17.0.1' IDENTIFIED BY 'data'; GRANT ALL PRIVILEGES ON *.* TO 'DATA '@'172.17.0.1'; FLUSH PRIVILEGES;

Forwarding via port

Port forwarding can be connected to POD via the same network that your physical machine is on, and is often used in development and test environments

Enable port forwarding

➜ OC port-forward Mysql-57-Centos7-11-2WFS4 10001:3306 Forwarding from 127.0.0.1:10001-> 3306 Forwarding from 127.0.0.1:10001-> 3306 Forwarding from 127.0.0.1Centos7-11-2WFS4 10001:3306 Forwarding from 127.0.0.1-> [::1]:10001 -> 3306 Handling connection for 10001

MySQL connection test

➜ mysql-udata --password=data --host=127.0.0.1 --port=10001 mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 19 Server version: MySQL Community Server (GPL) Copyright (C) 2000, 2017, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help; ' or '\h' for help. Type '\c' to clear the current input statement. mysql>

The above methods are not limited to applications such as MySQL. All kinds of TCP-based applications can use these two methods in the appropriate environment.